279 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-4109
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509VFLAGPOLICYCHECK is enabled, allows remote attackers to have an unspecified impact by...
Oracle Linux 8 : nodejs:20 (ELSA-2025-1351)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1351 advisory. - Update to version 20.18.2 Fixes: CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76001 RHEL-76146 - Update to 20.16.0 Fixes: CVE-2024-361...
CVE-2024-53850
The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...
CVE-2023-46715
An origin validation error CWE-346 vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send but not receive packets spoofing the IP of another user via crafted network packets...
The vulnerability of the Addressing system’s plugin for requests, incidents, and inventory management of computer equipment in GLPI arises from the use of an external controlled input for selecting classes or codes. This allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the addressing plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the use of an external controlled input for selecting classes or codes. Exploiting this vulnerability can allow a malicious actor to gain unauthorized...
DEBIAN-CVE-2024-53188
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix crash when unbinding If there is an error during some initialization related to firmware, the function ath12kdpcccleanup is called to release resources. However this is released again when the device is unbinded...
CVE-2024-53850
The CVE-2024-53850 entry maps to the Addressing GLPI plugin vulnerability. The connected PT-2024-9988 advisory specifies affected versions 3.0.0 through 3.0.3 and attributes the issue to a poor security check that allows an unauthenticated attacker to determine whether data exists by name in GLPI...
CVE-2024-53850 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation
The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...
CVE-2024-53850 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation
The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...
CVE-2024-53850 The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation
The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists by name in GLPI...
PT-2025-8786
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been identified, specifically in the powerpc/pseries/iommu module. The issue arises when the Power Hypervisor allocates an MMIO window that...
perl-App-cpanminus:1.7044 security update
perl-App-cpanminus 1.7044-6 - Patch the code to use https instead of http CVE-2024-45321 perl-CPAN-DistnameInfo perl-CPAN-Meta-Check perl-File-pushd perl-Module-CPANfile perl-Parse-PMFile perl-String-ShellQuote perl-App-cpanminus 1.7044-6 - Patch the code to use https instead of http CVE-2024-453...
PT-2024-9988 · Glpi · Addressing Glpi Plugin
Name of the Vulnerable Software and Affected Versions: Addressing GLPI plugin versions 3.0.0 through 3.0.3 Description: The issue is related to a poor security check in the Addressing GLPI plugin, which allows an unauthenticated attacker to determine whether data exists by name in GLPI. This can...
CVE-2024-11263
When the Global Pointer GP relative addressing is enabled CONFIGRISCVGP=y, the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols...
CVE-2024-11263
CVE-2024-11263 concerns RISCV GP relative addressing when CONFIG_RISCV_GP=y. The gp register is reported to point 0x800 bytes past the start of the .sdata section, which the linker uses to relax accesses to global symbols. Across the connected documents, the issue is described with this root caus...
Zephyr 安全漏洞
Zephyr is an extensible real-time operating system RTOS that is open-sourced by Zephyr. A security vulnerability exists in Zephyr version 3.7.0 and prior versions, which stems from a gp reg pointing to the 0x800 byte at the beginning of the .sdata section when Global Pointer GP Relative Addressin...
PT-2024-16871 · Risc-V · Risc-V
Name of the Vulnerable Software and Affected Versions: RISC-V affected versions not specified Description: The issue concerns the Global Pointer GP relative addressing when enabled CONFIG RISCV GP=y. In this configuration, the gp register points 0x800 bytes past the start of the .sdata section,...
cups-filters security update
1.0.35-29.0.3 - Unsupport cups-browsed service - CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 Orabug: 37217141...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...
CVE-2023-52910 iommu/iova: Fix alloc iova overflows issue
In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...